generated from ossf/project-template
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #16 from nellshamrell/project-support-criteria-take-2
creates focused criteria for evaluating memory safety efforts (more t…
- Loading branch information
Showing
2 changed files
with
18 additions
and
11 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
# OpenSSF Memory Safety Project Support Program | ||
|
||
NOTE - This is currently a draft and this program has not been launched yet! | ||
|
||
[The OpenSSF TAC/Foundation is currently working on a funding model and process](https://github.com/ossf/Memory-Safety/pull/13#issuecomment-1791255657) for supporting project/efforts related to Open Source Software Security. | ||
|
||
This Working Group is focused specifically on how to technically evaluate a project/effort related to improving memory safety in Open Source Software. | ||
|
||
## Draft Criteria | ||
|
||
Does this project meaningfully improve memory safety within Open Source software [according to our definition of memory safety](https://github.com/ossf/Memory-Safety/blob/main/docs/definitions.md)? | ||
|
||
Meaningful efforts include (but are not limited to): | ||
|
||
* Targeted re-write efforts of Open Source software in memory safe by default languages | ||
* Educational efforts on memory safety in software | ||
* Tools/Processes which improve the memory safety of software when a rewrite in a memory safe by default language is not possible/practical | ||
* Efforts which reduce undefined behavior (related to memory safety) in commonly used Open Source software components |